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PRELIMINARY AMENDMENT 
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WASHINGTON, D.C. 20231 

SIR: 

Prior to a first examination on the merits, please amend the above-identified 
application as follows: 



TN THE CLAIMS 
Please cancel Claims 1-8 without prejudice. 
Please add new Claims 9-20 as follows: 

9. (New) A method for setting in a situation-dependent way a degree of security of 
cryptography functions which are used in at least one communication terminal, which one 
communication terminal communicates by at least one telecommunication network, in which 



method situation-indicating parameters are received in the one communication terminal over 
r the telecommunication network from a secure source, wherein 

based on current received situation-indicating parameters, security parameters are 
determined in the one communication terminal, which security parameters are associated in 
the one communications terminal with the respective situation-indicating parameters, and 
which security parameters include at least one of a length of cryptographic keys and a 
rfc designation of cryptographic algorithms which are used by the cryptography functions and 
which determine a height of the degree of security of the cryptography functions. 

10. (New) The method according to claim 9, wherein at least certain of said 
fM, situation-indicating parameters contain service-specific data which are transmitted in a 

2 

Li secure way over the telecommunication network to the one communication terminal by a 

yj 

fZ service server from which the one communication terminal obtains services. 

i{ 

11. (New) The method according to claim 9, wherein at least certain of said 

, p situation-indicating parameters contain data about a permissible degree of security or 

P 

fy permissible security parameters which are transmitted in a secure way over the 
O telecommunication network to the one communication terminal by a service server from 
which the one communication terminal obtains services. 

12. (New) The method according claim 9, wherein at least one of said 
communication terminals is a mobile radio device, and at least one of said 
situation-indicating parameters contains a country code which is transmitted to the mobile 
radio device by a mobile radio network in which the mobile radio device is roaming. 

13. (New) The method according to claim 10, wherein at least one of said 
situation-indicating parameters contains data about a permissible degree of security or 



permissible security parameters which are transmitted in a secure way over the 
telecommunication network to the one communication terminal by a service server from 
which the one communication terminal obtains services. 

14. (New) The method according claim 10, wherein at least one of said 
communication terminals is a mobile radio device, and at least one of said 
situation-indicating parameters contains a country code which is transmitted to the mobile 
radio device by a mobile radio network in which the mobile radio device is roaming. 

15. (New) The method according claim 11, wherein at least one of said 
communication terminals is a mobile radio device, and at least one of said 
situation-indicating parameters contains a country code which is transmitted to the mobile 
radio device by a mobile radio network in which the mobile radio device is roaming. 

16. (New) The method according claim 13, wherein at least one of said 
communication terminals is a mobile radio device, and at least one of said 
situation-indicating parameters contains a country code which is transmitted to the mobile 
radio device by a mobile radio network in which the mobile radio device is roaming. 

17. (New) A communication terminal which communicates by a telecommunication 
network, which communication terminal includes a degree-of-security-determining module 
in order to set in a situation-dependent way a degree of security of cryptography functions 
which are used in the communication terminal, which degree-of-security-determining module 
receives situation-indicating parameters from a secure source in a secure way over the 
telecommunication network, wherein 

the degree-of-security-determining module includes tables or corresponding program 
instructions by which corresponding security parameters are associated with currently 



received situation-indicating parameters, which security parameters include at least one of a 
length of cryptographic keys and a designation of cryptographic algorithms which are used 
by the cryptography functions and which determine a height of the degree of security of the 
cryptography functions. 

18. (New) A chipcard which is removably connectible to a communication terminal, 
which communication terminal communicates by a telecommunication network, which 
chipcard includes a degree-of-security-determining module in order to set in a 
situation-dependent way a degree of security of cryptography functions used in the 
communication terminal, which degree-of-security-determining module receives 
situation-indicating parameters in a secure way over the telecommunication network from a 
secure source, wherein 

the degree-of-security-determining module includes tables or corresponding program 
instructions by which corresponding security parameters are associated with currently 
received situation-indicating parameters, which security parameters include at least one of a 
length of cryptographic keys and a designation of cryptographic algorithms which are used 
by the cryptography functions and which determine a height of the degree of security of the 
cryptography functions. 

19. (New) A computer-readable data carrier containing coded data representing a 
computer program, which computer program is configured to control a processor in a 
communication terminal, which communication terminal communicates over a 
telecommunication network, such that the communication terminal sets in a 
situation-dependent way a degree of security of cryptography functions used in the 
communication terminal, whereby the communication terminal receives situation-indicating 



parameters over the telecommunication network from a secure source in a secure way, 
wherein 

the computer program includes tables or corresponding instructions by which 
corresponding security parameters are associated with currently received situation-indicating 
parameters, which security parameters include at least one of a length of cryptographic keys 
and a designation of cryptographic algorithms which are used by the cryptography functions 
and which determine a height of the degree of security of the cryptography functions. 

20. (New) A computer program element having: computer program code means in 
order to control a processor in a communication terminal, which communication terminal 
communicates by a telecommunication network, such that the processor sets in a 
situation-dependent way a degree of security of cryptography functions used in the 
communication terminal, whereby the processor receives situation-indicating parameters 
over the telecommunication network from a secure source in a secure way, wherein 

the computer program includes tables or corresponding program instructions by 
which corresponding security parameters are associated with currently received 
situation-indicating parameters, which security parameters include at least one of a length of 
cryptographic keys and a designation of cryptographic algorithms, which are used by the 
cryptography functions and which determine a height of the degree of security of the 
cryptography functions. 
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IN THE ABSTRACT 
Please amend the Abstract on page 1 1 as follows: 
ABSTRACT 

A method and suitable devices to set the degree of security of cryptography functions 
in communication terminals in a situation-dependent way. Situation-indicating parameters, 
for instance a country code for the country in which the communication terminal is 

>i momentarily located, are received in a communication terminal, in particular a mobile radio 
telephone, in a secure way from a secure source by a telecommunication network, in 
particular a mobile radio network. And, based on received situation-indicating parameters, 

yu security parameters are determined in the communication terminal, for instance the maximal 

O permissible bit length of cryptographic keys, which security parameters are used by the 

H ! cryptography functions and determine the degree of security. 

in 

- M 

ry Favorable consideration of this application, as presently amended, is respectfully 

p requested. 

RJ 

The present preliminary amendment is submitted to place the above-identified 
application in more proper format under United States practice. 

By the present preliminary amendment Claims 1-8 are canceled and new Claims 9-20 
are presented for examination. New Claims 9-20 are deemed to be self-evident from the 
original disclosure, including canceled Claims 1-8, and thus are not deemed to raise any 
issues of new matter. No differences between new Claims 9-20 and canceled Claims 1-8 are 
believed to narrow the scope of new Claims 9-20. 



The Abstract has also been amended to be in more proper format under United States 
practice. 

The present application is believed to be in condition for a full and thorough 
examination on the merits. An early and favorable consideration of the present application is 
hereby respectfully requested. 

Respectfully submitted, 

OBLON, SPIVAK, McCLELLAND, 
MAIER & NEUSTADT, P.C. 




Gregory J. Maier 
Attorney of Record 
Registration No. 25,599 
Surinder Sachar 
Registration No. 34,423 
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IN THE CLAIMS 

Claims 1-8 (Canceled). 
Claims 9-20 (New). 

IN THE ABSTRACT 
Please amend the Abstract on page 1 1 as follows: 

~A method and suitable devices to set the degree of security of cryptography 
functions [(11, 23)] in communication terminals [(2)] in a situation-dependent way[, 
situation-indicating] . Situation-indicating parameters, for instance a country code for the 
country in which the communication terminal [(2)] is momentarily located, are received in 
communication terminal [(2)], in particular a mobile radio telephone [(2)], in a [secured] 
secure way from a secure source [(3, 4) via] by a telecommunication network [(3)], in 
particular a mobile radio network [(3), and]^And, based on received situation-indicating 
parameters, security parameters are determined in the communication terminal [(2)], for 
instance the maximal permissible [(bit)] bit length of cryptographic keys, which security 
parameters are used by the cryptography functions [(11, 23)] and determine the degree of 
security. 

[(sole figure)]-- 
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Method and Suitable Devices for Setting the D egree of S ecurity of 
Cryptography Functions 

This invention relates to a method and suitable devices for setting the 
degree of security of cryptography functions. In particular, this invention 
5 relates to a method and suitable devices for setting the degree of security of 
cryptography functions used in communication terminals. 

It is common practice today to use cryptography methods to protect 
confidential data from being accessed by unauthorized third parties during 
transmission over telecommunication networks, in particular during 

10 transmission over mobile radio networks, by means of which cryptography 
methods the confidential data are encrypted by the sender before being 
transmitted over the telecommunication network and are decrypted by the 
recipient after being transmitted over the telecommunication network. Different 
cryptography methods have different degrees of security, depending upon 

15 security parameters such as the cryptography algorithms used and the 

cryptographic keys applied therein, in particular the bit length of the keys used 
therein. The users of the cryptography methods, for example service providers, 
such as financial institutions, or those availing of services, such as bank 
clients, generally desire a high degree of security. However, national interests 

20 of certain countries in which, for example, respective cryptographic products 
are produced and/or in which holders of respective protective rights reside, call 
for preventing the dissemination of cryptography products, for example starting 
at certain predefined degrees of security or using certain predefined security 
parameters, beyond national borders or at least into certain predefined 

25 countries. For the producers of such cryptography products, who, in their own 
economic interests, would like to market their products worldwide as much as 
possible, but who are subject to national regulations and legal stipulations, the 
problem then arises of how they can pursue their own interests as efficiently as 
possible while respecting national regulations. Producing, administering and 

30 maintaining different cryptography products for different markets has not 
proven to be an optimal solution since the product versions and in particular 
also combinations with other products, in which cryptography products are 
integrated, are far too numerous and entail an uneconomical additional 
expense. In alternative solutions, the same product is supplied everywhere, 

35 but certain parts subject to the imposed national restriction regulations are 
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deactivated by switches before product delivery, for instance by means of 
software switches switched on or off by setting so-called flags. The problem 
with this alternative solution is that these switches can often be changed also 
by third parties, for example through so-called program patches that are able to 
manipulate the mentioned flags. 

Described in the patent application EP 779 760 A1 is a method to 
indicate to a respective user in a mobile station whether the data transmission 
between the mobile station and the mobile communications system is 
encrypted or not. To achieve this, according to the teachings of EP 779 760 
A1 , the signals exchanged between the mobile station and the mobile 
communications system are monitored, and on the basis of the monitored 
signals it is indicated to the user whether the exchanged data are encrypted or 
not, for example by reproducing different acoustical signals for the user for the 
encrypted mode and for the unencrypted mode. In accordance with GSM 
standards (Global System for Mobile Communication), the encryption mode 
according to EP 779 760 A1 is set in the encrypted mode, or respectively in the 
unencrypted mode, by units in the mobile communications system by means of 
so-called "cipher code command" messages. According to the teaching of EP 
779 760 A1 , the current encryption mode can be indicated by the central 
processor of the mobile station, for example, in a display data field provided 
therefor which comprises e.g. a single information bit. 

It is an object of this invention to propose a new and better method as 
well as devices suitable therefor which make it possible to set the degree of 
security of cryptography functions used in communication terminals, in 
particular in a situation-dependent way. 

This object is achieved according to the present invention through the 
elements of the independent claims. Further advantageous embodiments 
follow moreover from the dependent claims and from the specification. 

This object is achieved through the present invention in particular in that 
situation-indicating parameters from a secure source, which is authenticated as 
a secure source by means of a digital certificate, for example, are received via 
the telecommunication network in a secure way, e.g. directly, without 

AMENDED PAGE 
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possibilities of being influenced by other elements, in a communication terminal 
that communicates over telecommunication networks from an encoded data 
object with certified key or as a component, which cannot be influenced, of the 
protocol used in the respective telecommunication network, and in that security 
5 parameters, for instance the maximal permissible length of cryptographic keys 
or permitted cryptographic algorithms, are determined in the communication 
terminal based on received situation-indicating parameters. These security 
parameters are then used by cryptography functions and determine the degree 
of security. The advantage of this method is that the degree of security of 

10 cryptography functions used in the communication terminal, or respectively of 
the security parameters applied by these cryptography functions, can be set 
situation-dependently and dynamically so that differing cryptography products 
do not have to be supplied in different destination markets and no switches 
have to be set by manufacturers in a fixed way, the effect of which switches can 

15 be cancelled by one-time overwriting. 

In an embodiment variant, at least certain situation-dependent 
parameters contain service-specific data, for example data relating to the type 
of respective service, which are transmitted in a secure way, e.g. encrypted 
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and/or as a component of a digital, encoded data object with certified key, over 
the telecommunication network to the communication terminal by a service 
server, for instance an e-mail server or a file-transfer server from which the 
said communication terminal obtains services. The advantage of taking into 

5 account service-specific data in determining the degree of security of 

cryptography functions is that different degrees of security can be prescribed 
and set for different services, e.g. higher degrees of security for financial 
services than for e-mail services, for different levels of services, e.g. differing 
degrees of security on the transport level and on the application level, and for 

10 different applications of services, e.g. different degrees of security for file 
transfer in a financial application (financial service) than in a database 
application (data service). 

In an embodiment variant, at least certain situation-indicating 
parameters contain data about the permissible degree of security, for instance 

15 according to an internationally agreed-upon standard or permissible security 
parameters, e.g. data about specific permissible cryptographic algorithms, 
which are transmitted to the communication terminal over the telecommunica- 
tion network in a secure way, for example encrypted and/or as a component of 
a digital, encoded data object with certified key, by a service server from which 

20 the communication terminal obtains services. 

In an embodiment variant, at least certain of the communication 
terminals are mobile radio devices, for example mobile radio telephones or 
communication-capable laptop or palmtop computers for GSM (Global System 
for Mobile Communication), UMTS (Universal Mobile Telephone System) or 

25 other, for instance satellite-based, mobile radio networks, and at least certain 
situation-indicating parameters contain a country code which is transmitted to 
the mobile radio device by a mobile radio network in which the mobile radio 
device is roaming. Application of the method according to the invention in 
mobile radio devices, in particular using country codes as situation-indicating 

30 parameters, has the advantage that the degree of security of the cryptography 
functions used can be dynamically adapted to the restrictions concerning 
permissible maximal degrees of security valid in a respective country of 
location. 
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It should be mentioned here that, besides a method according to the 
invention, the present invention also relates to a communication terminal 
according to the invention, in particular to a mobile communication terminal, for 
example a mobile radio telephone or a communication-capable laptop or 

5 palmtop computer for GSM, UMTS or other, e.g. satellite-based, mobile radio 
networks, to a chipcard according to the invention, for example an SIM card 
(Subscriber Identification Module), which can be inserted into a communication 
terminal, as well as to a computer-readable data carrier according to the 
invention and to a computer program element according to the invention. 

10 An embodiment of the present invention will be described in the 

following with reference to an example. The example of the embodiment will be 
illustrated by the following sole attached figure: 

Figure 1 shows a block diagram with a schematic illustration of a first 
mobile radio device with a chipcard, a second mobile radio device as well as a 

15 service server which are connected to a mobile radio network. 

The reference numeral 3 in Figure 1 refers to a telecommunication 
network, in particular a mobile radio network 3, e.g. a GSM, UMTS or other, 
e.g. satellite-based, mobile radio network 3, via which network communication 
terminals 2, in particular mobile radio devices 2, are able to communicate, i.e. 

20 in particular exchange data, with one another or with service servers 4, for 

example a file transfer server, a finance server, a database server, or an e-mail 
server. 

The mobile radio devices 2 include a degree-of-security-determining 
module 12, 24 according to the invention, which is preferably a programmed 

25 software module located in a suitable data store, that cannot be manipulated by 
users, in the mobile radio device 2 or on a chipcard 1 connected to the mobile 
radio device 2. The degree-of-security-determining module 12, 24, is, for 
example, a component of cryptography functions 1 1 , 23 which are used in the 
mobile radio devices 12, 24. Functions of the degree-of-security-determining 

30 module 12, 24 are executed in a processor in the mobile radio device 2 or on 
the chipcard 1 connected to the mobile radio device 2. 

The main function of the degree-of-security-determining module 12, 24 is 
to set in a situation-dependent way the degree of security of the cryptography 
functions 11, 23 used in the mobile radio device 2, or respectively of the 
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security parameters used by these cryptography functions 1 1, 23. The current 
situation is thereby determined by so-called situation-indicating parameters 
which are received by the degree-of-security-determining module 12, 24 from 
secure sources. 

5 Considered as situation-indicating parameters are the respective country 

in which the mobile radio device 2 is being operated or service-specific data, 
for instance the respective service or type of service of a service server 4 being 
used by the mobile radio device 2, or data relating to protocols or protocol 
levels, which are used by this service, or other data about the respective 

10 service, or data about how a particular service or an available function is used. 
For instance, for the use of file-transfer functions in a finance application 
(financial service), a higher degree of security can be permissible than for their 
use in a database application (data service). It is also possible for the 
situation-indicating parameters to contain direct and specific data relating to 

15 the security parameters to be used, or relating to the degree of security to be 
used and/or to the maximal permissible degree of security. Data relating to the 
degree of security are preferably based on an international standard. 

Considered security parameters are, for example, the (bit) length of 
cryptographic keys used or the designation of specific cryptographic algorithms 
20 to be used from a series of possible alternative algorithms. 

A source of situation-indicating parameters, for example the service 
server 4, can then be accepted as secure if, for instance, a digital (signed) 
certificate is received from it authenticating the source. The network 
infrastructure of the mobile radio network 3 can be considered as a secure 
25 source in the sense that components, which cannot be influenced, of the 
protocol used in the mobile radio network are used as situation-indicating 
parameters. 

Situation-indicating parameters are received securely over the 
telecommunication network in the sense that they are received directly, without 
30 possibilities of being influenced by other elements, e.g. from a digital, encoded 
data object with certified key or as a component that cannot be influenced from 
the protocol data units of the protocol used in the respective mobile radio 
network 3. 
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For conversion of received situation-indicating parameters into security 
parameters to be used, the degree-of-security-determining module 12, 24 has 
at its disposal, for example, corresponding tables, which cannot be manipulated 
by the user, or corresponding program instructions, by means of which 

5 corresponding security parameters are associated with the current, received 
situation-indicating parameters. Since the permissible degree of security, or 
respectively the security parameters, can change in the course of time, in 
particular in different countries, it is possible to update these tables, or 
respectively these program instructions, with the aid of secure cryptographic 

10 functions in a responsible service center or via the mobile radio network 3. 

Situation-indicating parameters are captured by the degree-of-security- 
determining module 12, 24 in that, for instance, protocol data units received 
over the mobile radio network 3 are checked as to whether they contain a new 
country code (MCC, Mobile Country Code), or in that encoded data objects with 

15 certified key (digital certificates) received over the mobile radio network 3 are 
checked as to whether they contain situation-indicating parameters, for 
instance service-specific data such as, for example, an indication concerning 
the current type of service, e.g. e-mail or file-transfer, or concerning the use of 
a service, e.g. the use of file-transfer in a finance application (financial service) 

20 or in a database application (data service). One skilled in the art will 

understand that it is also possible to define special protocols for determining 
situation-indicating parameters, or respectively for determining degrees of 
security and/or the security parameters to be applied, which special protocols 
can be used between communication terminals 2, in particular the degree-of- 

25 security-determining module 12, 24 contained therein, and service servers 4. 

It should also be mentioned here that situation-indicating parameters 
and the differentiation of the degrees of security to be applied, or respectively 
the security parameters, can also relate to individual protocol levels, for 
example protocol levels according to the seven-layered OSI reference model 

30 (Open Systems Interconnection) of the ISO (International Standards 

Organization), so that, for instance, for the applications level (OSI level 7) and 
the transportation level (OSI level 4), different restrictions regarding 
permissible degrees of security are applicable. It should also be mentioned 
here that typically a plurality of situation-indicating parameters are combined, 

35 so that, for example, in the country "X" and in the country "Y" the same 



restrictions can apply on the transport level, but stricter restrictions apply on 
the application level for country "X" than for country "Y." 

Changes in the degree of security of the cryptography functions 1 1 , 23 
used in the mobile radio device 2, or respectively in the security parameters 
used by these cryptography functions 1 1 , 23 can be reported to the user by 
means of the display 21 , for instance through programmed functions of the 
degree-of-security-determining module 12, 24. It is also possible for the user of 
the mobile radio device 2 to be able to inform himself about the current degrees 
of security or the momentarily used security parameters by activating, for 
instance, correspondingly programmed functions of the degree-of-security- 
determining module 12, 24, e.g. by means of the operating elements 22 of the 
mobile radio device 2. 

Besides the initially mentioned advantages for the producers of products 
with cryptographic functions (11, 23), there are also possibilities for direct 
commercial marketing of the present invention. For example, communication 
terminals and/or chipcards can be manufactured and sold which include a 
degree-of-security-determining module according to the invention. It is also 
possible to produce and to sell, or provide under licensing fees, computer- 
readable data carriers containing coded data representing a computer program 
that makes it possible to control a processor, in particular in a communication 
terminal, in such a way that it sets the degree of security of cryptography 
functions (1 1 , 23) used, or respectively of security parameters applied by these 
cryptography functions (11, 23), in a situation-dependent way according to the 
method described. Computer program elements including computer program 
code means for controlling a processor, in particular a processor in a 
communication terminal, in such a way that it sets the degree of security of 
cryptography functions (11, 23) used, or of security parameters applied by 
these cryptography functions (1 , 23), in a situation-dependent way according to 
the method described, can be provided to third parties in exchange for payment 
of licensing fees, which third parties can integrate these computer program 
elements into the most various devices. 



Claims 

1 . A method for setting in a situation-dependent way the degree of 
security of cryptography functions (11, 23) which are used in communication 
terminals (2), which communication terminals (2) communicate via 
telecommunication networks (3), in which method situation-indicating 
parameters are received in a said communication terminal (2) over the 
telecommunication network (3) from a secure source (3, 4), wherein 

based on current received situation-indicating parameters, security 
parameters are determined in the said communication terminal (2), which 
security parameters are associated in the communications terminal (2) with the 
respective situation-indicating parameters, and which security parameters 
include the length of cryptographic keys and/or the designation of 
cryptographic algorithms which are used by the said cryptography functions 
(1 1 , 23) and which determine the height of the degree of security of these said 
cryptography functions (1 1 , 23). 

2. The method according to claim 1 , wherein at least certain said 
situation-indicating parameters contain service-specific data which are 
transmitted in a secure way over the telecommunication network (3) to the said 
communication terminal (2) by a service server (4) from which the said 
communication terminal (2) obtains services. 

3. The method according to one of the claims 1 or 2, wherein at least 
certain said situation-indicating parameters contain data about the permissible 
degree of security or permissible security parameters which are transmitted in a 
secure way over the telecommunication network (3) to the said communication 
terminal (2) by a service server (4) from which the said communication terminal 
(2) obtains services. 

4. The method according to one of the claims 1 to 3, wherein at least 
certain said communication terminals (2) are mobile radio devices, and at least 
certain said situation-indicating parameters contain a country code which is 
transmitted to the said mobile radio device (2) by a mobile radio network (3) in 
which the said mobile radio device (2) is roaming. 

5. A communication terminal (2) which communicates via a telecommuni- 
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cation network (3), which communication terminal (2) includes a degree-of- 
security-determining module (12, 24) in order to set in a situation-dependent 
way the degree of security of cryptography functions (1 1 , 23) which are used in 
the communication terminal (2), which degree-of-security-determining module 
(12, 24) receives situation-indicating parameters from a secure source (3, 4) in 
a secure way over the telecommunication network (3), wherein 

the degree-of-security-determining module (12, 24) includes tables or 
corresponding program instructions by means of which corresponding security 
parameters are associated with the current received situation-indicating 
parameters, which security parameters include the length of cryptographic keys 
and/or the designation of cryptographic algorithms which are used by the said 
cryptography functions (11, 23) and which determine the height of the degree 
of security of these said cryptography functions (11, 23). 

6. A chipcard (1) which is removably connectible to the communication 
terminal (2), which communication terminal (2) communicates via a 
telecommunication network (3), which chipcard (1) includes a degree-of- 
security-determining module (12) in order to set in a situation-dependent way 
the degree of security of cryptography functions (11) used in the 
communication terminal (2), which degree-of-security-determining module (12) 
receives situation-indicating parameters in a secure way over the 
telecommunication network (3) from a secure source (3, 4), wherein 

the degree-of-security-determining module (12) includes tables or 
corresponding program instructions by means of which corresponding security 
parameters are associated with the current received situation-indicating 
parameters, which security parameters include the length of cryptographic keys 
and/or the designation of cryptographic algorithms which are used by the said 
cryptography functions (1 1 , 23) and which determine the height of the degree 
of security of these said cryptography functions (1 1 , 23). 

7. A computer-readable data carrier containing coded data representing 
a computer program, which computer program makes it possible to control a 
processor in a communication terminal (2), which communication terminal (2) 
communicates over a telecommunication network (3), such that it sets in a 
situation-dependent way the degree of security of cryptography functions (1 1 , 
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23) used in the communication terminal (2), whereby it receives situation- 
indicating parameters over the telecommunication network (3) from a secure 
source (3, 4) in a secure way, wherein 

the computer program includes tables or corresponding instructions by 
means of which corresponding security parameters are associated with the 
current received situation-indicating parameters, which security parameters 
include the length of cryptographic keys and/or the designation of 
cryptographic algorithms which are used by the said cryptography functions 
(1 1 , 23) and which determine the height of the degree of security of these said 
cryptography functions (1 1 , 23). 

8. A computer program element having: computer program code means 
in order to control a processor in a communication terminal (2), which 
communication terminal (2) communicates via a telecommunication network (3), 
such that the processor sets in a situation-dependent way the degree of 
security of cryptography functions (1 1 , 23) used in the communication terminal 
(2), whereby it receives situation-indicating parameters over the telecommuni- 
cation network (3) from a secure source (3, 4) in a secure way, wherein 

the computer program includes tables or corresponding program 
instructions by means of which corresponding security parameters are 
associated with the current received situation-indicating parameters, which 
security parameters include the length of cryptographic keys and/or the 
designation of cryptographic algorithms, which are used by the said 
cryptography functions (11, 23) and which determine the height of the degree 
of security of these said cryptography functions (1 1 , 23). 
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German Language Declaration 


Als nachstehend benannter Erfinder erklare ich hiermit an 
Eides Statt: 


As a below named inventor, I hereby declare that: 


dass mein Wohnsitz, meine Postanschrift, und meine Staats- 
angehorigkeit den im Nachstehenden nach meinem Namen 
aufgefiihrten Angaben entsprechen, 


below next to my name, 


Jass ich, nach bestem Wissen der ursprungliche, erste und 
;$lleinige Erfinder (falls nachstehend nur ein Name angege- 
Een ist) oder ein urspriinglicher, erster und Miterfinder (falls 
nachstehend mehrere Namen aufgefiihrt sind) des Gegen- 
standes bin, fur den dieser Antrag gestellt wird und fur den 
ein Patent beantragt wird fur die Erfindung mit dem Titel: 


I believe ! am the original, first and sole inventor (if only one 
name is listed below) or an original first and joint inventor (if 
plural names are listed below) of the subject matter which is 
claimed and for which apatent is sought on the invention entitled 




Method and Suitable Devices for Setting 




the Degree of Security of Cryptography 




Functions ^ 


N 

iieren Beschreibung 


the specification of which 


■\zutreffendes ankreuzen) 


(check one) 


jjj hier beigefugt ist. 


)Q9 is attached hereto. 


l[t§ am unter der 


XJq was filer! nn 21 Julv 1999 ^ ac 


ri AnmeidungssfiriGnnummer 


Application Serial No PCT/CH 99/00336 


eingereicht wurrifi und am 
abgeandert wurde (falls tatsachlich abgeandert). 


and was amendfid nn 

(if applicable) 


Ich bestatige hiermit, dass ich den Inhalt der obigen Paten- 
tanmeldung einschliesslich der Anspruche durchgesehen und 
verstanden habe, die eventuell durch einen Zusatzantrag wie 
oben erwahnt abgeandert wurde. 


I hereby state that I have reviewed and understand the con- 
tents of the above identified specification, including the claims, 
as amended by any amendment referred to above. 


Ich erkenne meine Pflicht zur Offenbarung irgendwelcher In- 
formationen, die fur die Prufung der vorliegenden Anmeldung 
in Einklang mit Absatz 37, Bundesgesetzbuch Paragraph 
1.56(a) von Wichtigkeit sind, an. 


1 acknowledge the duty to disclose information which is ma- 
terial to the examination of this application in accordance with 
Title 37, Code of Federal Regulations, §1 .56(a). 


Ich beanspruche hiermit auslandische Prioritatsvorteile ge- 
mass Abschnitt 35 der Zivilprozessordnung der Vereinigten 
Staaten, Paragraph 119 aller unten angegebenen Ausland- 
sanmeldungen fur ein Patent oder eine Erfindersurkunde, 
und habe auch alle Auslandsanmeldungen fur ein Patent Oder 
eine Erfindersurkunde nachstehend gekennzeichnet, die ein 
Anmeldedatum haben, das vor dem Anmeldedatum der An- 
meldung liegt, fur die Prioritat beansprucht wird. 


I hereby claim foreign priority benefits under Title 35, United 
States Code, §1 19 of any foreign application(s) for patent or 
inventor's certificate listed below and have also identified 
below any foreign application for patent or inventor's certifi- 
cate having a filing date before that of the application on 
which priority is claimed: 
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German Language Declaration 



Ich beanspruche hiermit auslandLsche Prioritatsvorteile gcmaB Title 
35,' US-Code, § 119 (a)-(d), bzw. § 365(b) aller unten aufgefuhrten 
Auslandsanmeldungen fur Patente oder Erfindcrurkunden, oder § 
365(a) aller PCT internationalen Anmeldungen, welche wenigsteni 
ein Land ausser den Vereinigten Staaten von Amerika benennen, 
und habe nachstehend durch ankreuzcn samtliche Auslands- 
anmeldungen fur Patente bzw. Erfinderurkunden oder PCT 
internationale Anmeldungen angcgcben, deren AnmeldeUg dem der 
Anmeldung, fur welche Prioritat beansprucht wird, vorangeht. 

Prior Foreign Applications 
(Fruhere auslandische Anmeldungen) 



I hereby claim foreign priority under Title 35, United States Code, 
§ 119(aMd) or § 365(b) of any foreign applications) for patent or 
inventor's certificate, or § 365(a) of any PCT International 
application which designated at least one country other than the 
United States, listed below and have also identified below, by 
checking the box, any foreign application for patent or inventor's 
certificate, or PCT International application having a filing date 
before that of the application on which priority is claimed. 



Priority Not Claimed 
Pripritat night bgansprvchl 



Ich beanspruche hiermit Priorititsvorteile unter Title 35, US-Code, 
H 19(e) aller US-Hilfsanmeldungen wie unten aufgezahlt. 



tAppiicaSio 
(Aktenzfiici 



(Filing Date) 
(AnmeldeUg) 



(Day/Month /Year Filed) 
(Tag/Monat/Jahr der Anmeldung) 



I hereby claim the benefit under Title 35, United States Code, 
§ 119(e) of any United States provisional application(s)listed below. 



(Application No.) 
(Aktenzeichen) 



Ich beanspruche hiermit die mir unter Title 35, US-Code, § 120 
zustehenden Vorteilc aller unten aufgefuhrten US- 
Patentanmeldungen bzw. § 365(c) aller PCT internationalen 
AUmeldungen, welche die Vereinigten Staaten von Amerika 
benennen , und erkenne, insofem der Gegenstand eines jeden 
frSheren Anspruchs dieser Patentanmeldung nicht in einer US- 
Mentanrnekiung, bzw. PCT internationalen Anmeldung in in einer 
gemafi dem ersten Absatz von Tide 35, US-Code, § 112 
vorgeschriebenen Art und Weise offenbart wurde, meine Pflicht zur 
Offenbarung jeglicher Informationen an, die zur Pruning der 
Patentfahigkeit in Einklang mit Tide 37, Code of Federal 
Regulations, § 1.56 von Belang sind und die im Zeitraum zwischen 
dem Anmeldetag der fruheren Patentanmeldung und dem nationalen 
oder im Rahmen des Vertrags uber die Zusammenarbeit auf dem 
Gebiet des Patentwesen (PCT) gultigen internationalen Anmeldetags 
it geworden sind. 



I hereby claim the benefit under Title 35, United States Code, § 120 
of any United States application^), or § 365(c) of any PCT 
International application designating the United States, listed below 
and, insofar as the subject matter of each of the claims of this 
application is not disclosed in the prior United States or PCT 
International application in the manner provided by the first 
paragraph of Title 35, United States Code, § 112, 1 acknowledge the 
duty to disclose information which is material to patentability as 
defined in Title 37, Code of Federal Regulations, § 1.56 which 
became available between the filing date of the prior application and 
the national or PCT International filing date of this application- 



(Stauif) (patented, pending, abandoned) 

' >d, aufgegeben) 



(Application No.) 
(Aktenzeichen) 



(Filing Date) 
(Anmeldetag) 



Ich erklare hiermit, dafl alle in der vorliegenden Erklarung von mir 
gemachten Angaben nach bestem Wissen und Gewissen der 
Wahrheit entsprechen, und ferner daB ich diese eidesstattliche 
Erklarung in Kenntnis dessen ablege, daB wissentlich und 
vorsatzlich falsche Angaben oder dergleichen gemafl § 1001, Title 
18 des US-Code strafbar sind und mit Geldstrafe und/oder 
Gefangnis bestraft werden konnen und daB derartige wissentlich und 
vorsatzlich falsche Angaben die Rechtswirksamkeit der 
vorliegenden Patentanmeldung oder eines aufgrund deren erteilten 



I hereby declare that all statements made herein of my own 
knowledge are true and that all statements made on information and 
belief are believed to be true; and further that these statements were 
made with the knowledge that willful false statements and the like 
so made are punishable by fine or imprisonment, or both, under 
Section 1001 of Tide 18 of the United States Code and that such 
willful false statements may jeopardize the validity of the application 
or any patent iss 



[Page 2 of 3] 



German Language Declaration 



• VERTRETUNGSVOLLMACHT: Als benannter Erfinder be- POWER OF ATTORNEY: As a named inventor, I hereby 

auftrage ich hiermit den nachstehend benannten Patent- appoint the following attorney(s) and/or agent(s) to prosecute 

anwalt (oder die nachstehend bennanten Patentanwalte) und/ this application and transact all business in the Patent and 

oder Patent-Agenten mit der Verfolgung der vorliegenden Trademark Office connected therewith, (list name and regis- 

' Patentanmeldung sowie mit der Abwicklung aller damit ver- tration number) 
bundenen Geschafte vor dem Patent-und Warenzeichenamt: 
(Name und Registrationsnummer anfdhren) 

Norman F. Obion Registration Number 24.61 8: Marvin J. Spivak, Registration Number 24.91 3: C. Irvin McClelland, Registration Number 
21 124iGregory J. Maier, Registration Number^saa^rthur I. Neustadt, Registration Number 24.854; Richard D. Kelly, Registration Number 
277^James D. Hamilton, Registration Number 28,421 ; Eckhard H. Kuesters, Registration Number 28.87Q ; Robert T Pous Reg.strat.on 
4nmbir 29.099: Charles L. Gholz, Registration Numb£r_2iL32£i^yincent J. Sunderdfc*, Registration Number 29,004; WHI.am E. Beaumont, 
r M„^r^ ooR- S teven B. Kelber, Registration Number 30 073: Robert F. Gnuse, Registration dumber 27,295; Jean-Paul Lavalleye, 

auuMuuuiiwsi ■ ' ~ r, !^„ ti M,. m (,=r<soODA. Martin M 7nltink Ronigtratinn Number 3S.745; Robert W. Hahl, 



ReqistrationiSeL2L45J; Stephen G. Baxter, Registration Mimhfir3?fir*l;.Martin M. Zoltick, Registration Njtfnbjr 

-Registration'Numte t 33 89^. Richard L. Treanor, Registration N j i mhftr 36 , 379 ; Steven P. Weihrouch, Registration y 

Goolkasian SSon Number 26.142: Marc R. Labgold, Registration Nlimhftr 34 fif>1, William J. Healey, Registrat.on Number 36,1 « 
Richard L. Chinn, Registration Number 34.305: Steven E. Lipman, Registration Numhflr30 . Q11 .. C arl E. Schlier, Registration umber ,34^--, r 
James J Kulbaski Registration Number 34.648; Catherine B. Richardson, Registration Number 39,007;, Richard A. Neifeld, Registration 
Number 35,299; and J. Derek Mason, Registration Number 35.270; with full powers of substitution and revocation. 



Telefongesprache bitte richten an: 
(Name und Telefonnummer) 



Direct Telephone Calls to: (name and telephone number) 
(703) 413-3000 

Send Correspondence to: 

Oblon, Spivak, McClelland, Maer& Neustadt, P.C. 

FOURTH FLOOR 
17SS JEFFERSON DAVIS HIGHWAY 
ARUNGTON, VIRGINIA 22202 U S A. 



Voller Name des einzigen oder ursprunglichen Erfinders: 
Adriann HIIRFR 


Full name of sole or first inventor 


UnterscTlrift des Erfinders D»lu. 1 1 


Inventor's signature Date 


Wohnsitz 

6600 Lor.aron-f Switzerland) 


Residence 


Staatsangehorigkeit 
Switzerland ^ 


Citizenship 


Postanschrift 

Via F. CaDonelli 35 


Post Office Address 


6600 Locarno ( Switzerland) 




Voller Name des zweiten Miterfinders (falls zutreffend) 


Full name of second joint inventor, if any 


Unterschrift des Erfinders Datum 


Second Inventor's signature Date 


Wohnsitz 


Residence 


Staatsangehorigkeit 


Citizenship 


Postanschrift 


Post Office Address 







(Bitte entsprechende informationen und Unterschriften im 
Falle von dritten und weiteren Miterfindem angeben). 



sequent joint inventors.) 
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